theevilbit/Shield

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/theevilbit/Shield)

theevilbit / Shield

An app to protect against process injection and suspicious file links on macOS

☆228

Alternatives and similar repositories for Shield

Users that are interested in Shield are comparing it to the libraries listed below

Sorting:

objective-see / ProcessMonitor
View on GitHub
Process Monitor Library (based on Apple's new Endpoint Security Framework)
☆494Oct 20, 2023Updated 2 years ago
trailofbits / sinter
View on GitHub
A user-mode application authorization system for MacOS written in Swift
☆300Sep 18, 2020Updated 5 years ago
themittenmac / TrueTree
View on GitHub
A command line tool for pstree-like output on macOS with additional pid capturing capabilities
☆276Aug 23, 2024Updated last year
SuprHackerSteve / Crescendo
View on GitHub
Crescendo is a swift based, real time event viewer for macOS. It utilizes Apple's Endpoint Security Framework.
☆1,071Jul 22, 2021Updated 4 years ago
objective-see / FileMonitor
View on GitHub
File Monitor Library (based on Apple's new Endpoint Security Framework)
☆376Oct 9, 2022Updated 3 years ago
PhorionTech / Kronos
View on GitHub
Phorion Kronos is a macOS security tool designed to enhance Apple's Transparency Consent and Control (TCC) security and privacy mechanism…
☆80Nov 21, 2023Updated 2 years ago
Alkenso / sEndpointSecurity
View on GitHub
☆11Jun 5, 2024Updated last year
gyunaev / macprocmon
View on GitHub
MacOS X process monitor using EndpointSecurity extension.
☆37Sep 29, 2025Updated 5 months ago
objective-see / DNSMonitor
View on GitHub
A DNS Monitor, leveraging Apple's NEDNSProxyProvider/Network Extension Framework
☆211Aug 20, 2024Updated last year
objective-see / BlockBlock
View on GitHub
BlockBlock provides continual protection by monitoring persistence locations.
☆766Mar 12, 2026Updated last week
saagarjha / macOSSandboxInitializationBypass
View on GitHub
App sandbox escapes for macOS
☆31May 20, 2020Updated 5 years ago
cedowens / SwiftBelt
View on GitHub
A macOS enumeration tool inspired by harmjoy's Windows-based Seatbelt enumeration tool. Author: Cedric Owens
☆341Apr 28, 2022Updated 3 years ago
0xmachos / macos-scripts
View on GitHub
Various scripts for macOS tasks
☆141Nov 24, 2025Updated 3 months ago
slyd0g / SwiftParseTCC
View on GitHub
Use "Full Disk Access" permissions to read the contents of TCC.db and display it in human-readable format
☆40Jul 27, 2021Updated 4 years ago
richiercyrus / Venator
View on GitHub
[⛔️ Deprecated] Venator is a python tool used to gather data for proactive detection of malicious activity on macOS devices.
☆177Jul 1, 2020Updated 5 years ago
jslegendre / MachXPC
View on GitHub
Bidirectional XPC between two (or more) processes without a MachService daemon
☆57Mar 16, 2022Updated 4 years ago
hot3eed / xpcspy
View on GitHub
Bidirectional XPC message interception and more. Powered by Frida
☆430Nov 9, 2022Updated 3 years ago
saagarjha / expresscall
View on GitHub
Proof-of-concept LLVM fork to speculatively inline objc_msgSend
☆16Dec 11, 2022Updated 3 years ago
j-0-t / murmamau
View on GitHub
Fetching data from system
☆11Jun 18, 2017Updated 8 years ago
mnrkbys / bgiparser
View on GitHub
A parsing tool for backgrounditems.btm
☆53Aug 23, 2024Updated last year
objective-see / WhatsYourSign
View on GitHub
WhatsYourSign adds a menu item to Finder.app. Simply right-, or control-click on any file to display its cryptographic signing informatio…
☆347Jan 17, 2026Updated 2 months ago
Brandon7CC / mac-monitor
View on GitHub
"The missing ProcMon for macOS": Mac Monitor records Endpoint Security events and displays them for analysis.
☆1,277Updated this week
jprx / mock-kernel-2023
View on GitHub
Official Solution and Source Code for the "Mock Kernel" challenge from UIUCTF 2023
☆49Jul 11, 2023Updated 2 years ago
securing / SimpleXPCApp
View on GitHub
Secure example of an XPC helper written in Swift
☆108Mar 16, 2020Updated 6 years ago
xorrior / macOSTools
View on GitHub
macOS Offensive Tools
☆270Sep 28, 2023Updated 2 years ago
vastlimits / esmat
View on GitHub
macOS Endpoint Security Message Analysis Tool
☆47Jan 31, 2022Updated 4 years ago
droe / xnumon
View on GitHub
monitor macOS for malicious activity
☆237Feb 5, 2025Updated last year
its-a-feature / loginItemManipulator
View on GitHub
☆15May 26, 2021Updated 4 years ago
A2nkF / unauthd
View on GitHub
A local privilege escalation chain from user to kernel for MacOS < 10.15.5. CVE-2020–9854
☆86Oct 15, 2020Updated 5 years ago
seemoo-lab / apple-continuity-tools
View on GitHub
Reverse engineering toolkit for Apple's wireless ecosystem
☆85Apr 12, 2021Updated 4 years ago
D00MFist / Mystikal
View on GitHub
macOS Initial Access Payload Generator
☆323Jan 10, 2024Updated 2 years ago
theevilbit / DuckDockTile
View on GitHub
☆17Sep 29, 2023Updated 2 years ago
willyu-elastic / SimpleEndpoint
View on GitHub
Sample code for macOS Extensions Part 3
☆24Feb 20, 2020Updated 6 years ago
objective-see / Netiquette
View on GitHub
Network Monitor
☆370Oct 5, 2024Updated last year
ant4g0nist / Vulnerable-Kext
View on GitHub
A WIP "Vulnerable by Design" kext for iOS/macOS to play & learn *OS kernel exploitation
☆236Dec 29, 2020Updated 5 years ago
richiercyrus / Venator-Swift
View on GitHub
Swift Command line tool used for proactive detection of malicious activity on macOS systems.
☆67Jul 1, 2020Updated 5 years ago
antons / dyld-shared-cache-big-sur
View on GitHub
Modifications to Apple's dyld project to fix Objective-C information when extracting dyld_shared_cache from macOS Big Sur to help Hopper …
☆150Oct 1, 2020Updated 5 years ago
ydkhatri / mac_apt
View on GitHub
macOS (& ios) Artifact Parsing Tool
☆1,009Mar 8, 2026Updated last week
axelexic / CSOps
View on GitHub
Utility to manipulate codesigned application in Mac OS X. Demonstrate the use of csops system call.
☆84Mar 21, 2024Updated last year